diff options
| -rw-r--r-- | capabilities-map.yaml | 304 | ||||
| -rw-r--r-- | environments/low-memory-usage.yaml | 14 | ||||
| -rw-r--r-- | overcloud.j2.yaml | 10 | ||||
| -rw-r--r-- | puppet/blockstorage-config.yaml | 3 | ||||
| -rw-r--r-- | puppet/cephstorage-config.yaml | 3 | ||||
| -rw-r--r-- | puppet/compute-config.yaml | 3 | ||||
| -rw-r--r-- | puppet/controller-config.yaml | 3 | ||||
| -rw-r--r-- | puppet/objectstorage-config.yaml | 3 | ||||
| -rw-r--r-- | puppet/services/apache.yaml | 10 | ||||
| -rw-r--r-- | puppet/services/glance-api.yaml | 13 | ||||
| -rw-r--r-- | puppet/services/glance-registry.yaml | 13 | ||||
| -rw-r--r-- | puppet/services/neutron-api.yaml | 28 | ||||
| -rw-r--r-- | puppet/services/neutron-metadata.yaml | 7 | ||||
| -rw-r--r-- | roles_data.yaml | 27 |
14 files changed, 391 insertions, 50 deletions
diff --git a/capabilities-map.yaml b/capabilities-map.yaml index 14d50f19..ae747621 100644 --- a/capabilities-map.yaml +++ b/capabilities-map.yaml @@ -41,17 +41,17 @@ root_template: overcloud.yaml root_environment: overcloud-resource-registry-puppet.yaml topics: - - title: Basic Configuration + - title: Base Resources Configuration description: environment_groups: - title: - description: Enable basic configuration required for OpenStack Deployment + description: Enable base configuration for all resources required for OpenStack Deployment environments: - file: overcloud-resource-registry-puppet.yaml - title: Default Configuration + title: Base resources configuration description: - - title: Deployment options + - title: Deployment Options description: environment_groups: - title: High Availability @@ -62,6 +62,15 @@ topics: description: Enable configuration of an Overcloud controller with Pacemaker requires: - overcloud-resource-registry-puppet.yaml + - title: Pacemaker options + description: + environments: + - file: environments/puppet-pacemaker-no-restart.yaml + title: Pacemaker No Restart + description: + requires: + - environments/puppet-pacemaker.yaml + - overcloud-resource-registry-puppet.yaml - title: Docker RDO description: > Docker container with heat agents for containerized compute node @@ -71,26 +80,114 @@ topics: description: requires: - overcloud-resource-registry-puppet.yaml + - title: Enable TLS + description: > + environments: + - file: environments/enable-tls.yaml + title: TLS + description: > + Use this option to pass in certificates for SSL deployments. + For these values to take effect, one of the TLS endpoints + environments must also be used. + requires: + - overcloud-resource-registry-puppet.yaml + - title: TLS Endpoints + description: > + environments: + - file: environments/tls-endpoints-public-dns.yaml + title: SSL-enabled deployment with DNS name as public endpoint + description: > + Use this environment when deploying an SSL-enabled overcloud where the public + endpoint is a DNS name. + requires: + - environments/enable-tls.yaml + - overcloud-resource-registry-puppet.yaml + - file: environments/tls-endpoints-public-ip.yaml + title: SSL-enabled deployment with IP address as public endpoint + description: > + Use this environment when deploying an SSL-enabled overcloud where the public + endpoint is an IP address. + requires: + - environments/enable-tls.yaml + - overcloud-resource-registry-puppet.yaml + - title: External load balancer + description: > + Enable external load balancer + environments: + - file: environments/external-loadbalancer-vip-v6.yaml + title: External load balancer IPv6 + description: > + requires: + - overcloud-resource-registry-puppet.yaml + - file: environments/external-loadbalancer-vip.yaml + title: External load balancer IPv4 + description: > + requires: + - overcloud-resource-registry-puppet.yaml + + - title: Additional Services + description: Deploy additional Overcloud services + environment_groups: + - title: Manila + description: + environments: + - file: environments/manila-generic-config.yaml + title: Manila + description: Enable Manila generic driver backend + requires: + - overcloud-resource-registry-puppet.yaml + - title: Sahara + description: + environments: + - file: environments/services/sahara.yaml + title: Sahara + description: Deploy Sahara service + requires: + - overcloud-resource-registry-puppet.yaml + - title: Ironic + description: + environments: + - file: environments/services/ironic.yaml + title: Ironic + description: Deploy Ironic service + requires: + - overcloud-resource-registry-puppet.yaml + - title: Mistral + description: + environments: + - file: environments/services/mistral.yaml + title: Mistral + description: Deploy Mistral service + requires: + - overcloud-resource-registry-puppet.yaml # - title: Network Interface Configuration # description: # environment_groups: - - title: Overlay network Configuration + - title: Overlay Network Configuration description: environment_groups: - title: Network Isolation - description: > - Enable the creation of Neutron networks for - isolated Overcloud traffic and configure each role to assign ports - (related to that role) on these networks. + description: environments: - file: environments/network-isolation.yaml title: Network Isolation - description: Enable Network Isolation + description: > + Enable the creation of Neutron networks for + isolated Overcloud traffic and configure each role to assign ports + (related to that role) on these networks. requires: - overcloud-resource-registry-puppet.yaml - - title: Single nic or Bonding + - file: environments/network-isolation-v6.yaml + title: Network Isolation IPv6 + description: > + Enable the creation of IPv6 Neutron networks for isolated Overcloud + traffic and configure each role to assign ports (related + to that role) on these networks. + requires: + - overcloud-resource-registry-puppet.yaml + - title: Single NIC or Bonding description: > Configure roles to use pair of bonded nics or to use Vlans on a single nic. This option assumes use of Network Isolation. @@ -104,23 +201,105 @@ topics: requires: - environments/network-isolation.yaml - overcloud-resource-registry-puppet.yaml + - file: environments/net-bond-with-vlans-no-external.yaml + title: Bond with Vlans No External Ports + description: > + Configure each role to use a pair of bonded nics (nic2 and + nic3) and configures an IP address on each relevant isolated network + for each role. This option assumes use of Network Isolation. + Sets external ports to noop. + requires: + - environments/network-isolation.yaml + - overcloud-resource-registry-puppet.yaml + - file: environments/net-bond-with-vlans-v6.yaml + title: Bond with Vlans IPv6 + description: > + Configure each role to use a pair of bonded nics (nic2 and + nic3) and configures an IP address on each relevant isolated network + for each role, with IPv6 on the External network. + This option assumes use of Network Isolation IPv6. + requires: + - environments/network-isolation-v6.yaml + - overcloud-resource-registry-puppet.yaml + - file: environments/net-multiple-nics.yaml + title: Multiple NICs + description: > + Configures each role to use a separate NIC for + each isolated network. + This option assumes use of Network Isolation. + requires: + - environments/network-isolation.yaml + - overcloud-resource-registry-puppet.yaml + - file: environments/net-multiple-nics-v6.yaml + title: Multiple NICs IPv6 + description: > + Configure each role to use a separate NIC for + each isolated network with IPv6 on the External network. + This option assumes use of Network Isolation IPv6. + requires: + - environments/network-isolation-v6.yaml + - overcloud-resource-registry-puppet.yaml - file: environments/net-single-nic-with-vlans.yaml - title: Single nic with Vlans + title: Single NIC with Vlans description: > - Configure each role to use Vlans on a single nic for + Configure each role to use Vlans on a single NIC for each isolated network. This option assumes use of Network Isolation. requires: - environments/network-isolation.yaml - overcloud-resource-registry-puppet.yaml + - file: environments/net-single-nic-with-vlans-no-external.yaml + title: Single NIC with Vlans No External Ports + description: > + Configure each role to use Vlans on a single NIC for + each isolated network. This option assumes use of Network Isolation. + Sets external ports to noop. + requires: + - environments/network-isolation.yaml + - overcloud-resource-registry-puppet.yaml + - file: environments/net-single-nic-linux-bridge-with-vlans.yaml + title: Single NIC with Linux Bridge Vlans + description: > + Configure each role to use Vlans on a single NIC for + each isolated network. This option assumes use of Network Isolation. + requires: + - environments/network-isolation.yaml + - overcloud-resource-registry-puppet.yaml + - file: environments/net-single-nic-with-vlans-v6.yaml + title: Single NIC with Vlans IPv6 + description: > + Configures each role to use Vlans on a single NIC for + each isolated network with IPv6 on the External network. + This option assumes use of Network Isolation IPv6 + requires: + - environments/network-isolation-v6.yaml + - overcloud-resource-registry-puppet.yaml + - title: Management Network + description: > + Enable the creation of a system management network. This + creates a Neutron network for isolated Overcloud + system management traffic and configures each role to + assign a port (related to that role) on that network. + environments: + - file: environments/network-management.yaml + title: Management Network + description: + requires: + - overcloud-resource-registry-puppet.yaml + - file: environments/network-management-v6.yaml + title: Management Network IPv6 + description: + requires: + - overcloud-resource-registry-puppet.yaml - title: Neutron Plugin Configuration description: environment_groups: - - title: BigSwitch extensions or Cisco N1KV backend - description: + - title: Neutron Plugins + description: > + Enable various Neutron plugins and backends environments: - file: environments/neutron-ml2-bigswitch.yaml - title: BigSwitch extensions + title: BigSwitch Extensions description: > Enable Big Switch extensions, configured via puppet requires: @@ -131,28 +310,101 @@ topics: Enable a Cisco N1KV backend, configured via puppet requires: - overcloud-resource-registry-puppet.yaml - - title: Cisco Neutron plugin - description: > - Enable a Cisco Neutron plugin - environments: - file: environments/neutron-ml2-cisco-nexus-ucsm.yaml title: Cisco Neutron plugin description: requires: - overcloud-resource-registry-puppet.yaml + - file: environments/neutron-midonet.yaml + title: Deploy MidoNet Services + description: + requires: + - overcloud-resource-registry-puppet.yaml + - file: environments/neutron-nuage-config.yaml + title: Neutron Nuage backend + description: Enables Neutron Nuage backend on the controller + requires: + - overcloud-resource-registry-puppet.yaml + - file: environments/neutron-opencontrail.yaml + title: OpenContrail Extensions + description: Enables OpenContrail extensions + requires: + - overcloud-resource-registry-puppet.yaml + - file: environments/neutron-opendaylight.yaml + title: OpenDaylight + description: Enables OpenDaylight + requires: + - overcloud-resource-registry-puppet.yaml + - file: environments/neutron-opendaylight-l3.yaml + title: OpenDaylight with L3 DVR + description: Enables OpenDaylight with L3 DVR + requires: + - overcloud-resource-registry-puppet.yaml + - file: environments/neutron-ovs-dpdk.yaml + title: DPDK with OVS + description: Deploy DPDK with OVS + requires: + - overcloud-resource-registry-puppet.yaml + - file: environments/neutron-ovs-dvr.yaml + title: DVR + description: Enables DVR in the Overcloud + requires: + - overcloud-resource-registry-puppet.yaml + - file: environments/neutron-plumgrid.yaml + title: PLUMgrid extensions + description: Enables PLUMgrid extensions + requires: + - overcloud-resource-registry-puppet.yaml + + - title: Nova Extensions + description: + environment_groups: + - title: Nova Extensions + description: + environments: + - file: environments/nova-nuage-config.yaml + title: Nuage backend + description: > + Enables Nuage backend on the Compute + requires: + - overcloud-resource-registry-puppet.yaml - title: Storage description: environment_groups: - - title: Cinder NetApp backend + - title: Cinder backup service + description: + environments: + - file: environments/cinder-backup.yaml + title: Cinder backup service + description: > + OpenStack Cinder Backup service with Pacemaker configured + with Puppet + requires: + - environments/puppet-pacemaker.yaml + - overcloud-resource-registry-puppet.yaml + - title: Cinder backend description: > - Enable a Cinder NetApp backend, configured via puppet + Enable various Cinder backends environments: - file: environments/cinder-netapp-config.yaml title: Cinder NetApp backend description: requires: - overcloud-resource-registry-puppet.yaml + - file: environments/cinder-dellsc-config.yaml + title: Cinder Dell Storage Center ISCSI backend + description: > + Enables a Cinder Dell Storage Center ISCSI backend, configured + via puppet + requires: + - overcloud-resource-registry-puppet.yaml + - file: environments/cinder-eqlx-config.yaml + title: Cinder EQLX backend + description: > + Enables a Cinder EQLX backend, configured via puppet + requires: + - overcloud-resource-registry-puppet.yaml - title: Externally managed Ceph description: > Enable the use of an externally managed Ceph cluster @@ -224,6 +476,14 @@ topics: description: requires: - overcloud-resource-registry-puppet.yaml + - title: Manage Firewall + description: + environments: + - file: environments/manage-firewall.yaml + title: Manage Firewall + description: + requires: + - overcloud-resource-registry-puppet.yaml - title: Operational Tools description: diff --git a/environments/low-memory-usage.yaml b/environments/low-memory-usage.yaml new file mode 100644 index 00000000..2e496f89 --- /dev/null +++ b/environments/low-memory-usage.yaml @@ -0,0 +1,14 @@ +# Lower the memory usage of overcloud. +parameter_defaults: + CeilometerWorkers: 1 + CinderWorkers: 1 + GlanceWorkers: 1 + HeatWorkers: 1 + KeystoneWorkers: 1 + NeutronWorkers: 1 + NovaWorkers: 1 + SaharaWorkers: 1 + SwiftWorkers: 1 + + ApacheMaxRequestWorkers: 32 + ApacheServerLimit: 32 diff --git a/overcloud.j2.yaml b/overcloud.j2.yaml index 187741ff..aad1af62 100644 --- a/overcloud.j2.yaml +++ b/overcloud.j2.yaml @@ -121,16 +121,12 @@ parameters: resource_registry) which represent nested stacks for each service that should get installed on the {{role.name}} role. type: comma_delimited_list - {% if role.ServicesDefault %} - default: {{role.ServicesDefault}} - {% endif %} + default: {{role.ServicesDefault|default([])}} {{role.name}}Count: description: Number of {{role.name}} nodes to deploy type: number - {% if role.CountDefault %} - default: {{role.CountDefault}} - {% endif %} + default: {{role.CountDefault|default(0)}} {{role.name}}HostnameFormat: type: string @@ -140,6 +136,8 @@ parameters: and %stackname% is replaced with the stack name e.g overcloud {% if role.HostnameFormatDefault %} default: "{{role.HostnameFormatDefault}}" + {% else %} + default: "%stackname%-{{role.name.lower()}}-%index%" {% endif %} {{role.name}}RemovalPolicies: diff --git a/puppet/blockstorage-config.yaml b/puppet/blockstorage-config.yaml index 9b31b448..e455c4cb 100644 --- a/puppet/blockstorage-config.yaml +++ b/puppet/blockstorage-config.yaml @@ -24,6 +24,9 @@ resources: enable_hiera: True enable_facter: False modulepath: /etc/puppet/modules:/opt/stack/puppet-modules:/usr/share/openstack-puppet/modules + inputs: + - name: step + type: Number outputs: - name: result config: diff --git a/puppet/cephstorage-config.yaml b/puppet/cephstorage-config.yaml index 4bad4a16..3f428609 100644 --- a/puppet/cephstorage-config.yaml +++ b/puppet/cephstorage-config.yaml @@ -24,6 +24,9 @@ resources: enable_hiera: True enable_facter: False modulepath: /etc/puppet/modules:/opt/stack/puppet-modules:/usr/share/openstack-puppet/modules + inputs: + - name: step + type: Number outputs: - name: result config: diff --git a/puppet/compute-config.yaml b/puppet/compute-config.yaml index 9e128d3a..2314c47d 100644 --- a/puppet/compute-config.yaml +++ b/puppet/compute-config.yaml @@ -24,6 +24,9 @@ resources: enable_hiera: True enable_facter: False modulepath: /etc/puppet/modules:/opt/stack/puppet-modules:/usr/share/openstack-puppet/modules + inputs: + - name: step + type: Number outputs: - name: result config: diff --git a/puppet/controller-config.yaml b/puppet/controller-config.yaml index 811c544d..99c7b26e 100644 --- a/puppet/controller-config.yaml +++ b/puppet/controller-config.yaml @@ -26,6 +26,9 @@ resources: modulepath: /etc/puppet/modules:/opt/stack/puppet-modules:/usr/share/openstack-puppet/modules outputs: - name: result + inputs: + - name: step + type: Number config: list_join: - '' diff --git a/puppet/objectstorage-config.yaml b/puppet/objectstorage-config.yaml index 1dee8e60..33480544 100644 --- a/puppet/objectstorage-config.yaml +++ b/puppet/objectstorage-config.yaml @@ -24,6 +24,9 @@ resources: enable_hiera: True enable_facter: False modulepath: /etc/puppet/modules:/opt/stack/puppet-modules:/usr/share/openstack-puppet/modules + inputs: + - name: step + type: Number outputs: - name: result config: diff --git a/puppet/services/apache.yaml b/puppet/services/apache.yaml index 7595e4c3..c9792019 100644 --- a/puppet/services/apache.yaml +++ b/puppet/services/apache.yaml @@ -5,6 +5,14 @@ description: > automatically via other services which run via Apache. parameters: + ApacheMaxRequestWorkers: + default: 256 + description: Maximum number of simultaneously processed requests. + type: number + ApacheServerLimit: + default: 256 + description: Maximum number of Apache processes. + type: number ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set @@ -38,5 +46,7 @@ outputs: template: "NETWORK_subnet" params: NETWORK: {get_param: [ServiceNetMap, ApacheNetwork]} + apache::mod::prefork::maxclients: { get_param: ApacheMaxRequestWorkers } + apache::mod::prefork::serverlimit: { get_param: ApacheServerLimit } apache::mod::remoteip::proxy_ips: - "%{hiera('apache_remote_proxy_ips_network')}" diff --git a/puppet/services/glance-api.yaml b/puppet/services/glance-api.yaml index f0ec8230..51f19baf 100644 --- a/puppet/services/glance-api.yaml +++ b/puppet/services/glance-api.yaml @@ -45,9 +45,16 @@ parameters: constraints: - allowed_values: ['swift', 'file', 'rbd'] GlanceWorkers: - default: 0 - description: Number of workers for Glance service. - type: number + default: '' + description: | + Number of API worker processes for Glance. If left unset (empty string), the + default value will result in the configuration being left unset and a + system-dependent default value will be chosen (e.g.: number of + processors). Please note that this will create a large number of + processes on systems with a large number of CPUs resulting in excess + memory consumption. It is recommended that a suitable non-default value + be selected on such systems. + type: string GlanceRbdPoolName: default: images type: string diff --git a/puppet/services/glance-registry.yaml b/puppet/services/glance-registry.yaml index 864e970f..2b7b4345 100644 --- a/puppet/services/glance-registry.yaml +++ b/puppet/services/glance-registry.yaml @@ -27,9 +27,16 @@ parameters: type: string hidden: true GlanceWorkers: - default: 0 - description: Number of workers for Glance service. - type: number + default: '' + description: | + Number of worker processes for glance registry. If left unset (empty + string), the default value will result in the configuration being left + unset and a system-dependent default value will be chosen (e.g.: number of + processors). Please note that this will create a large number of processes + on systems with a large number of CPUs resulting in excess memory + consumption. It is recommended that a suitable non-default value be + selected on such systems. + type: string MonitoringSubscriptionGlanceRegistry: default: 'overcloud-glance-registry' type: string diff --git a/puppet/services/neutron-api.yaml b/puppet/services/neutron-api.yaml index 35934f7e..b939e7be 100644 --- a/puppet/services/neutron-api.yaml +++ b/puppet/services/neutron-api.yaml @@ -1,4 +1,4 @@ -heat_template_version: 2016-04-08 +heat_template_version: 2016-10-14 description: > OpenStack Neutron Server configured with Puppet @@ -39,7 +39,10 @@ parameters: type: string NeutronL3HA: default: false - description: Whether to enable HA for virtual routers + description: | + Whether to enable HA for virtual routers. While the default value is + 'false', L3 HA will be automatically enabled if the number of nodes hosting + controller configurations and DVR is disabled. type: boolean NovaPassword: description: The password for the nova service and db account, used by nova-api. @@ -61,6 +64,13 @@ parameters: default: tag: openstack.neutron.api path: /var/log/neutron/server.log + ControllerCount: + description: | + Under normal conditions, this should not be overridden manually and is + set at deployment time. The default value is present to allow the + template to be used in environments that do not override it. + default: 1 + type: number resources: @@ -71,6 +81,18 @@ resources: DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} +conditions: + + auto_enable_l3_ha: + and: + - not: + equals: + - get_param: ControllerCount + - 1 + - equals: + - get_param: NeutronEnableDVR + - false + outputs: role_data: description: Role data for the Neutron Server agent service. @@ -103,7 +125,7 @@ outputs: neutron::server::api_workers: {get_param: NeutronWorkers} neutron::server::rpc_workers: {get_param: NeutronWorkers} neutron::server::allow_automatic_l3agent_failover: {get_param: NeutronAllowL3AgentFailover} - neutron::server::l3_ha: {get_param: NeutronL3HA} + neutron::server::l3_ha: {if: ["auto_enable_l3_ha", true, {get_param: NeutronL3HA}]} neutron::keystone::authtoken::password: {get_param: NeutronPassword} neutron::server::notifications::nova_url: { get_param: [ EndpointMap, NovaInternal, uri ] } diff --git a/puppet/services/neutron-metadata.yaml b/puppet/services/neutron-metadata.yaml index 0479231f..a124d4a1 100644 --- a/puppet/services/neutron-metadata.yaml +++ b/puppet/services/neutron-metadata.yaml @@ -65,11 +65,6 @@ outputs: neutron::agents::metadata::auth_password: {get_param: NeutronPassword} neutron::agents::metadata::auth_url: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] } neutron::agents::metadata::auth_tenant: 'service' - # NOTE: bind IP is found in Heat replacing the network name with the local node IP - # for the given network; replacement examples (eg. for internal_api): - # internal_api -> IP - # internal_api_uri -> [IP] - # internal_api_subnet - > IP/CIDR - neutron::agents::metadata::metadata_ip: {get_param: [ServiceNetMap, NeutronApiNetwork]} + neutron::agents::metadata::metadata_ip: '"%{hiera(\"nova_metadata_vip\")}"' step_config: | include tripleo::profile::base::neutron::metadata diff --git a/roles_data.yaml b/roles_data.yaml index af1eba82..e052aeef 100644 --- a/roles_data.yaml +++ b/roles_data.yaml @@ -1,6 +1,25 @@ +# Specifies which roles (groups of nodes) will be deployed +# Note this is used as an input to the various *.j2.yaml +# jinja2 templates, so that they are converted into *.yaml +# during the plan creation (via a mistral action/workflow). +# +# The format is a list, with the following format: +# +# * name: (string) mandatory, name of the role, must be unique +# +# CountDefault: (number) optional, default number of nodes, defaults to 0 +# sets the default for the {{role.name}}Count parameter in overcloud.yaml +# +# HostnameFormatDefault: (string) optional default format string for hostname +# defaults to '%stackname%-{{role.name.lower()}}-%index%' +# sets the default for {{role.name}}HostnameFormat parameter in overcloud.yaml +# +# ServicesDefault: (list) optional default list of services to be deployed +# on the role, defaults to an empty list. Sets the default for the +# {{role.name}}Services parameter in overcloud.yaml + - name: Controller CountDefault: 1 - HostnameFormatDefault: '%stackname%-controller-%index%' ServicesDefault: - OS::TripleO::Services::CACerts - OS::TripleO::Services::CephMon @@ -102,8 +121,6 @@ - OS::TripleO::Services::VipHosts - name: BlockStorage - CountDefault: 0 - HostnameFormatDefault: '%stackname%-blockstorage-%index%' ServicesDefault: - OS::TripleO::Services::CACerts - OS::TripleO::Services::CinderVolume @@ -118,8 +135,6 @@ - OS::TripleO::Services::VipHosts - name: ObjectStorage - CountDefault: 0 - HostnameFormatDefault: '%stackname%-objectstorage-%index%' ServicesDefault: - OS::TripleO::Services::CACerts - OS::TripleO::Services::Kernel @@ -135,8 +150,6 @@ - OS::TripleO::Services::VipHosts - name: CephStorage - CountDefault: 0 - HostnameFormatDefault: '%stackname%-cephstorage-%index%' ServicesDefault: - OS::TripleO::Services::CACerts - OS::TripleO::Services::CephOSD |